Wednesday, October 31, 2007

Version 1.2 of mod_wsgi is now available.

Mark beat me to the punch again and got word out about mod_wsgi 1.2 before I myself got a chance to sit down and blog about it. I'll have to start paying him as my publicist soon.

Version 1.2 of mod_wsgi is a bug fix only release, addressing issues with WSGI specification compliance, sub process invocation from Python in a mod_wsgi daemon process and most importantly of all, an issue whereby a second sub interpreter instance could be created for each WSGI application group when targeted by a specifically formed URL.

This latter issue of a second sub interpreter being created only affects users of Apache 1.3 and 2.0. Because it can have the affect of doubling the memory in use by the application, it is highly recommended that users of these Apache versions upgrade to mod_wsgi 1.2, given that in a memory constrained environment the bug could be exploited as a form of remote denial of service attack.

At the same time as mod_wsgi 1.2 has been released, the first release candidate formod_wsgi 2.0 has also been released. This version provides a number of new features including, integration with Apache authentication and authorisation mechanisms in Apache 2.2, a new process reloading option for mod_wsgi daemon processes which makes reloading a Python application when changes are made trivial, and direct support for Python virtual environments such as workingenv and virtualenv. I'll blog about these and other new features in mod_wsgi 2.0 in the coming weeks.